Network Analysis and Design Report for Soylent Company
VerifiedAdded on  2023/04/22
|4
|1631
|147
AI Summary
This is a network analysis and design report for Soylent Company. The report identifies the current network designing faults, outlines the recommendations for improving the network. Finally, the report discusses the security control measures that the Soylent Company should implement in their network.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Data Communications
Assignment 2, Session 1, 2019
Name: Student Number:
Network Analysis and Design
Introduction
This is a network analysis and design report for Soylent Company.
The report identifies the current network designing faults, outlines the
recommendations for improving the network. Finally, the report
discusses the security control measures that the Soylent Company
should implement in their network.
Identifying network design faults
The network design for Soylent Company that has been presented
does not include any security features that Soylent Company have
adopted. For instance, any connectivity to the internet exposes the
network to vulnerable attacks as there are no firewall or proxy servers
to filter the incoming and outgoing network traffic.
The company allows its employees to come with their laptops, and
that may also mean that they carry with them smart devices such as
smartphones. Since the company lacks a bring-your-own-device policy,
these devices can be exploited by hackers to attack the network of
Soylent Company [1].
Network security also includes the physical security of the
network. Since Soylent Company shares a building with other tenants,
we can conclude that their network is exposed to unauthorized users
who may have physical access to this network.
If for instance, a personal laptop or a smart device is affected by a
trojan horse program, and it is plugged into Soylent Company’s
network, the security of that network becomes automatically
compromised [2]. It is imperative that Soylent Company develops
policies that protect or restrict employees from bringing their own
smart devices to the workplace as they open up points of attack from
hackers.
Improving network design
Increased cases of cyber-attacks have seen many organizations
especially those using critical systems struggling to keep up with the
pace that technology is evolving at to ensure their system are secure
Assignment 2, Session 1, 2019
Name: Student Number:
Network Analysis and Design
Introduction
This is a network analysis and design report for Soylent Company.
The report identifies the current network designing faults, outlines the
recommendations for improving the network. Finally, the report
discusses the security control measures that the Soylent Company
should implement in their network.
Identifying network design faults
The network design for Soylent Company that has been presented
does not include any security features that Soylent Company have
adopted. For instance, any connectivity to the internet exposes the
network to vulnerable attacks as there are no firewall or proxy servers
to filter the incoming and outgoing network traffic.
The company allows its employees to come with their laptops, and
that may also mean that they carry with them smart devices such as
smartphones. Since the company lacks a bring-your-own-device policy,
these devices can be exploited by hackers to attack the network of
Soylent Company [1].
Network security also includes the physical security of the
network. Since Soylent Company shares a building with other tenants,
we can conclude that their network is exposed to unauthorized users
who may have physical access to this network.
If for instance, a personal laptop or a smart device is affected by a
trojan horse program, and it is plugged into Soylent Company’s
network, the security of that network becomes automatically
compromised [2]. It is imperative that Soylent Company develops
policies that protect or restrict employees from bringing their own
smart devices to the workplace as they open up points of attack from
hackers.
Improving network design
Increased cases of cyber-attacks have seen many organizations
especially those using critical systems struggling to keep up with the
pace that technology is evolving at to ensure their system are secure
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
from the ever-developing new attacks techniques and tools. This has led
increased access to a wide variety of security tools and technology,
countless security checklist, benchmarks, and safety control catalogs.
Also, there has been emergence of threat information feeds, risk
management framework, system security requirements sites, and
compliance rules making it easy for system security practitioners to
access information on how to adopt and implement control structures to
secure their infrastructure [3].
For instance, mature controls include data recovery procedure,
antimalware, and boundary defense control. To implement mature
controls, one has to determine the system or assets which contain
information, devices, and data that has to be protected. This may also
include the computing system, data storage devices, organizational
network, and any other third party devices relevant in the
accomplishment of business operations. Mature controls should be
deployed and implemented depending on the inherent risk that they
pose to Soylent Company.
This calls for Soylent Co. to develop an inherent risk rating
document which shows both the physical and logical risk linking to
higher classified assets. For instance, an asset having logical access to
credit cards database and pin numbers is critically high than an asset
with human resource data. Therefore, the asset with credit card
numbers should be ranked high to ensure accurate measures
concerning antivirus tools and firewalls are implemented, disaster
recovery plan, and continuity of operations are well documented to
avoid delayed resume of service after risk occurrence [4].
Suppose Soylent Co. has a manager who after carrying out
business operations and transactions stores the data in the computer's
hard drive only. One day, the hard disk crashes due to a power issue,
and all the information in the hard drive will be lost. To prevent this
risk, the manager should have made copies of the same data and should
have stored it in a server or in a cloud whereby it is safe.
Security
Network security is essential to protect our data from unapproved
access, modification, exploitation, or network denial as well as network
resources. Building up a protected computing environment is
troublesome as networks turn out being progressively interconnected,
and information flows perpetually openly. In the business, availability is
never again discretionary, and the possible network risks do not exceed
the gains. In this way, it is imperative to authorize networks to help
security profits that give sufficient protection to organizations that lead
the business in an open environment [5].
Numerous firms battle to implement network infrastructures
towards upgrading network security and monitoring. Companies invest
increased access to a wide variety of security tools and technology,
countless security checklist, benchmarks, and safety control catalogs.
Also, there has been emergence of threat information feeds, risk
management framework, system security requirements sites, and
compliance rules making it easy for system security practitioners to
access information on how to adopt and implement control structures to
secure their infrastructure [3].
For instance, mature controls include data recovery procedure,
antimalware, and boundary defense control. To implement mature
controls, one has to determine the system or assets which contain
information, devices, and data that has to be protected. This may also
include the computing system, data storage devices, organizational
network, and any other third party devices relevant in the
accomplishment of business operations. Mature controls should be
deployed and implemented depending on the inherent risk that they
pose to Soylent Company.
This calls for Soylent Co. to develop an inherent risk rating
document which shows both the physical and logical risk linking to
higher classified assets. For instance, an asset having logical access to
credit cards database and pin numbers is critically high than an asset
with human resource data. Therefore, the asset with credit card
numbers should be ranked high to ensure accurate measures
concerning antivirus tools and firewalls are implemented, disaster
recovery plan, and continuity of operations are well documented to
avoid delayed resume of service after risk occurrence [4].
Suppose Soylent Co. has a manager who after carrying out
business operations and transactions stores the data in the computer's
hard drive only. One day, the hard disk crashes due to a power issue,
and all the information in the hard drive will be lost. To prevent this
risk, the manager should have made copies of the same data and should
have stored it in a server or in a cloud whereby it is safe.
Security
Network security is essential to protect our data from unapproved
access, modification, exploitation, or network denial as well as network
resources. Building up a protected computing environment is
troublesome as networks turn out being progressively interconnected,
and information flows perpetually openly. In the business, availability is
never again discretionary, and the possible network risks do not exceed
the gains. In this way, it is imperative to authorize networks to help
security profits that give sufficient protection to organizations that lead
the business in an open environment [5].
Numerous firms battle to implement network infrastructures
towards upgrading network security and monitoring. Companies invest
a lot of effort, time as well as money while never tending to the essential
issue of adequate network security design. Soylent Co. should use the
concept of defense in depth to secure its network. Defense in depth is
the idea of securing a PC network with a progression of guarded
components to such an extent that in the event that one mechanism
comes up short, another will be ready towards thwarting an attack.
Since there is a significant number of potential attackers with such an
extensive assortment of attack techniques available, there is no single
approach to secure a PC network effectively. Using the technique of
defense in depth is likely to diminish the danger of having an effective
exorbitant network attack.
Defense-in-depth refer to information protection concept where
security multiple layers are placed in the systems so that even if the
system is attacked or a vulnerability is exploited, and the system
attacked, there are several security or defense mechanisms to handle
the security issue [6]. For example, defense-in-depth is the security
approach that was used by organizations such as the NSA. Here there
are several layers of defenses to protect the system against a particular
attack, such that if one defense fails, another defense mechanism will
protect the system.
Defense-in-depth consists of three areas as Physical security: This is
physical security for the IT systems such as guards, fences to protect
the facilities. Technical security: This is the implementation of technical
security such as encryption, fingerprint authentication, etc.
Administrative controls: This is about organizational policies and
procedures which are made in order to guarantee that security and
regulations are met. Both technical security and administrative controls
need to be implemented for Soylent Co [7].
Access rights ought to be founded on the requirements of the
pertinent user to carry out legitimate as well as approved activities on
the data systems. Approaches, methodology, and criteria should be built
up for both the allowing of suitable access rights and to establish those
legitimate activities. A viable control approach incorporates various
controls to defend and restrains access to key data system resources at
all layers in the system stack. This will help Soylent Co. to avoid security
breaches in the future.
Conclusion
Adoption of Critical Security Controls requires Soylent Co. to have
an implementation roadmap giving the most sensitive risks highest-
priority controls the shortest time possible for them to be implemented.
Critical Security Controls can be deployed and applied partially or fully.
No single security effort can satisfactorily secure a network; there is
basically an excessive number of techniques accessible to an attacker
for this to work. Network Security help to take physical as well as
software deterrent measures towards shielding the basic systems
issue of adequate network security design. Soylent Co. should use the
concept of defense in depth to secure its network. Defense in depth is
the idea of securing a PC network with a progression of guarded
components to such an extent that in the event that one mechanism
comes up short, another will be ready towards thwarting an attack.
Since there is a significant number of potential attackers with such an
extensive assortment of attack techniques available, there is no single
approach to secure a PC network effectively. Using the technique of
defense in depth is likely to diminish the danger of having an effective
exorbitant network attack.
Defense-in-depth refer to information protection concept where
security multiple layers are placed in the systems so that even if the
system is attacked or a vulnerability is exploited, and the system
attacked, there are several security or defense mechanisms to handle
the security issue [6]. For example, defense-in-depth is the security
approach that was used by organizations such as the NSA. Here there
are several layers of defenses to protect the system against a particular
attack, such that if one defense fails, another defense mechanism will
protect the system.
Defense-in-depth consists of three areas as Physical security: This is
physical security for the IT systems such as guards, fences to protect
the facilities. Technical security: This is the implementation of technical
security such as encryption, fingerprint authentication, etc.
Administrative controls: This is about organizational policies and
procedures which are made in order to guarantee that security and
regulations are met. Both technical security and administrative controls
need to be implemented for Soylent Co [7].
Access rights ought to be founded on the requirements of the
pertinent user to carry out legitimate as well as approved activities on
the data systems. Approaches, methodology, and criteria should be built
up for both the allowing of suitable access rights and to establish those
legitimate activities. A viable control approach incorporates various
controls to defend and restrains access to key data system resources at
all layers in the system stack. This will help Soylent Co. to avoid security
breaches in the future.
Conclusion
Adoption of Critical Security Controls requires Soylent Co. to have
an implementation roadmap giving the most sensitive risks highest-
priority controls the shortest time possible for them to be implemented.
Critical Security Controls can be deployed and applied partially or fully.
No single security effort can satisfactorily secure a network; there is
basically an excessive number of techniques accessible to an attacker
for this to work. Network Security help to take physical as well as
software deterrent measures towards shielding the basic systems
networking infrastructure against unapproved access, abuse,
breakdown, alteration, demolition, or improper release, which might
result in a protected platform for PCs, as well as programs to perform
their permitted basic capacities within a safe environment. Use of
access controls will help solve the cross-departmental issues that the
engineering and the human resource departments of Soylent Co. are
currently having.
breakdown, alteration, demolition, or improper release, which might
result in a protected platform for PCs, as well as programs to perform
their permitted basic capacities within a safe environment. Use of
access controls will help solve the cross-departmental issues that the
engineering and the human resource departments of Soylent Co. are
currently having.
1 out of 4
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.